On December 14, I became aware of a data dump from a hack of SpecialForces.com, a business that caters to those seeking military gear. As is our now informal policy, I waited a bit to post it to DataLossDB.org so that the firm would have a chance to get their customers’ data removed from the…
Category: Business Sector
Preliminary analysis of Stratfor data dump (updated)
Identity Finder has analyzed some of the data released from the Stratfor hack: 50,277 unique credit card numbers, of which 9,651 are not expired 86,594 email addresses, of which 47,680 are unique 27,537 phone numbers, of which 25,680 are unique 44,188 encrypted passwords, of which roughly 50 percent could be easily cracked 73.7 percent of decrypted passwords…
Attacks on Chinese sites continue: Now it’s 40 million users of Tianya who get the bad news (updated)
Zheng Yi reports: The registration details of about 40 million users of tianya.cn, a big social networking site, were found to have been leaked on Sunday, following last Thursday’s discovery that user information had been leaked from several other websites. According to Web users, tianya.cn was hacked and some 40 million users’ names and passwords…
What was Stratfor’s obligation to secure data and what might this breach cost them?
I thought it might be useful to post part of Texas law that may apply to Stratfor’s duty to protect subscriber data: Sec. 521.002. DEFINITIONS. (a) In this chapter: (1) “Personal identifying information” means information that alone or in conjunction with other information identifies an individual, including an individual’s: (A) name, social security number, date…
Stratfor updates those affected: will be offering free credit monitoring services and will be boosting security
The following was provided to DataBreaches.net by one of the recipients: From: “STRATFOR” Date: December 25, 2011 3:49:06 PM MST To: [redacted] Subject: Update on Security Issues Reply-To: “STRATFOR” View on Mobile Phone | Read the online version. Dear Stratfor Member, On December 24th an unauthorized party disclosed personally identifiable information and related credit card…
Stratfor’s privacy policy
I was stunned to read that credit card numbers were stored in clear text on Stratfor’s servers. So I pulled up a cached copy of their Privacy Policy as it appeared on December 19th: Privacy Policy STRATFOR Enterprises LLC , publisher of STRATFOR, and its affiliates (hereafter referred to collectively as “STRATFOR”) are committed to…